The problem

The foobar-server is running some service – HTTP Server, a database or something different. For instance, let’s pretend you are running Mongo database, but it doesn’t actually matter.

Some firewall is set up around foobar-server, preventing you from accessing these services. Or maybe simply ports of these services are closed.

You want to access this service from another machine – What can we do?

Create SSH Tunel

We can establish SSH tunel between our machine and foobar-server. Let’s get right on it, it’s just one command.

1

ssh-L27077:localhost:27017your_user@foobar-server

You might use this in following situation:

your_user is username you use to access the foobar-server.

foobar-server is hostname of the server running your service. Ofcrouse you can just as fine use directly its IP address.

You want to access service running on port 27017 on the foobar-server. The way you could do that after running this command is by communication with 127.0.0.1:27077. Hence the structure of 27077:localhost:27017 represents local-port:target-host:target-port.

As a result, illusion that you are only accessing a service running locally on your machine. But what is actually really going is that

your data is encrypted,

sent through SSH Tunel to foobar-server,

foobar-server decrypts the data

foobar-server redirect decrypted data to target-host:target-port

And ofcourse, the same happens the other way around to deliver you the response from the service.